Skip to content

Policy: AWSBackupServiceRolePolicyForRestores

ARN: arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores

Allowed Actions

Actions Services
backup-gateway:Restore backup-gateway
cloudformation:CreateChangeSet cloudformation
cloudformation:DescribeChangeSet cloudformation
cloudformation:TagResource cloudformation
ds:DescribeDirectories ds
dynamodb:BatchWriteItem dynamodb
dynamodb:DeleteItem dynamodb
dynamodb:DescribeTable dynamodb
dynamodb:GetItem dynamodb
dynamodb:PutItem dynamodb
dynamodb:Query dynamodb
dynamodb:RestoreTableFromAwsBackup dynamodb
dynamodb:RestoreTableFromBackup dynamodb
dynamodb:Scan dynamodb
dynamodb:UpdateItem dynamodb
ebs:CompleteSnapshot ebs
ebs:PutSnapshotBlock ebs
ebs:StartSnapshot ebs
ec2:CreateTags ec2
ec2:CreateTags ec2
ec2:CreateVolume ec2
ec2:DeleteSnapshot ec2
ec2:DeleteTags ec2
ec2:DeleteVolume ec2
ec2:DescribeAccountAttributes ec2
ec2:DescribeAddresses ec2
ec2:DescribeAvailabilityZones ec2
ec2:DescribeImages ec2
ec2:DescribeInstances ec2
ec2:DescribeInternetGateways ec2
ec2:DescribeSecurityGroups ec2
ec2:DescribeSnapshotTierStatus ec2
ec2:DescribeSnapshots ec2
ec2:DescribeSubnets ec2
ec2:DescribeVolumes ec2
ec2:DescribeVpcs ec2
ec2:RestoreSnapshotTier ec2
ec2:RunInstances ec2
ec2:TerminateInstances ec2
elasticfilesystem:CreateFilesystem elasticfilesystem
elasticfilesystem:DeleteFilesystem elasticfilesystem
elasticfilesystem:DescribeFilesystems elasticfilesystem
elasticfilesystem:Restore elasticfilesystem
elasticfilesystem:TagResource elasticfilesystem
fsx:CreateFileSystemFromBackup fsx
fsx:CreateVolumeFromBackup fsx
fsx:CreateVolumeFromBackup fsx
fsx:DeleteFileSystem fsx
fsx:DeleteVolume fsx
fsx:DescribeBackups fsx
fsx:DescribeFileSystems fsx
fsx:DescribeVolumes fsx
fsx:TagResource fsx
fsx:TagResource fsx
fsx:TagResource fsx
fsx:UntagResource fsx
fsx:UntagResource fsx
kms:CreateGrant kms
kms:Decrypt kms
kms:DescribeKey kms
kms:Encrypt kms
kms:GenerateDataKey kms
kms:GenerateDataKeyWithoutPlaintext kms
kms:ReEncryptFrom kms
kms:ReEncryptTo kms
rds:AddTagsToResource rds
rds:CreateDBInstance rds
rds:CreateTenantDatabase rds
rds:DeleteDBCluster rds
rds:DeleteDBInstance rds
rds:DeleteTenantDatabase rds
rds:DescribeDBClusterSnapshots rds
rds:DescribeDBClusters rds
rds:DescribeDBInstances rds
rds:DescribeDBSnapshots rds
rds:ListTagsForResource rds
rds:RestoreDBClusterFromSnapshot rds
rds:RestoreDBClusterToPointInTime rds
rds:RestoreDBInstanceFromDBSnapshot rds
rds:RestoreDBInstanceToPointInTime rds
redshift:DescribeClusters redshift
redshift:DescribeTableRestoreStatus redshift
redshift:RestoreFromClusterSnapshot redshift
redshift:RestoreTableFromClusterSnapshot redshift
redshift-serverless:GetNamespace redshift-serverless
redshift-serverless:GetTableRestoreStatus redshift-serverless
redshift-serverless:RestoreTableFromSnapshot redshift-serverless
storagegateway:AddTagsToResource storagegateway
storagegateway:CreateCachediSCSIVolume storagegateway
storagegateway:CreateStorediSCSIVolume storagegateway
storagegateway:DeleteVolume storagegateway
storagegateway:DescribeCachediSCSIVolumes storagegateway
storagegateway:DescribeGatewayInformation storagegateway
storagegateway:DescribeStorediSCSIVolumes storagegateway
storagegateway:ListVolumes storagegateway
timestream:DescribeDatabase timestream
timestream:DescribeEndpoints timestream
timestream:DescribeTable timestream
timestream:GetAwsRestoreStatus timestream
timestream:ListDatabases timestream
timestream:ListTables timestream
timestream:ListTagsForResource timestream
timestream:StartAwsRestoreJob timestream